[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Tue Mar 13 22:49:02 UTC 2018
The branch, master has been updated
via 20609aa s4: dsdb/password_hash: use UF_TRUST_ACCOUNT_MASK
via 8497d20 libds: rename UF_MACHINE_ACCOUNT_MASK to UF_TRUST_ACCOUNT_MASK
from c41895b CVE-2018-1050: s3: RPC: spoolss server. Protect against null pointer derefs.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 20609aa260f0a84dff4574df4a1564884a813f92
Author: Ralph Boehme <slow at samba.org>
Date: Thu Mar 8 17:35:15 2018 +0100
s4: dsdb/password_hash: use UF_TRUST_ACCOUNT_MASK
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Mar 13 23:48:28 CET 2018 on sn-devel-144
commit 8497d2090900b252853278f29a4aaf3bce7515da
Author: Ralph Boehme <slow at samba.org>
Date: Thu Mar 8 17:34:08 2018 +0100
libds: rename UF_MACHINE_ACCOUNT_MASK to UF_TRUST_ACCOUNT_MASK
The name UF_TRUST_ACCOUNT_MASK better reflects the use case and it's not
yet used.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
libds/common/flags.h | 2 +-
source4/dsdb/samdb/ldb_modules/password_hash.c | 4 +---
2 files changed, 2 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libds/common/flags.h b/libds/common/flags.h
index d431bd5..d436f2b 100644
--- a/libds/common/flags.h
+++ b/libds/common/flags.h
@@ -53,7 +53,7 @@
#define UF_PARTIAL_SECRETS_ACCOUNT 0x04000000
#define UF_USE_AES_KEYS 0x08000000
-#define UF_MACHINE_ACCOUNT_MASK (\
+#define UF_TRUST_ACCOUNT_MASK (\
UF_INTERDOMAIN_TRUST_ACCOUNT |\
UF_WORKSTATION_TRUST_ACCOUNT |\
UF_SERVER_TRUST_ACCOUNT \
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index 1c1de09..c872f20 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -3211,9 +3211,7 @@ static int setup_io(struct ph_context *ac,
/* Only non-trust accounts have restrictions (possibly this test is the
* wrong way around, but we like to be restrictive if possible */
- io->u.restrictions = !(io->u.userAccountControl
- & (UF_INTERDOMAIN_TRUST_ACCOUNT | UF_WORKSTATION_TRUST_ACCOUNT
- | UF_SERVER_TRUST_ACCOUNT));
+ io->u.restrictions = !(io->u.userAccountControl & UF_TRUST_ACCOUNT_MASK);
if (io->u.is_krbtgt) {
io->u.restrictions = 0;
--
Samba Shared Repository
More information about the samba-cvs
mailing list